CVE-2021-42940
N/A
N/A
Summary
A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.projeqtor.org/en/
- https://truedigitalsecurity.com/services/penetration-testing-services/advisory-summary-2.2022-cve-2021-42940
References
- https://www.projeqtor.org/en/
- https://truedigitalsecurity.com/services/penetration-testing-services/advisory-summary-2.2022-cve-2021-42940
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.